We’ve repeatedly reported that fake apps from Russian banks regularly appear in the App Store. Now this trend has gone beyond just one country. In a single week, two major scandals broke out in the App Store: a fake crypto app stole $9.5 million from people, and a popular deceptive app spent months collecting data about users’ health, religion, and intimate lives. Both programs passed Apple’s moderation and operated freely until journalists intervened. This raises an uncomfortable question: if the App Store can’t filter out blatantly fraudulent apps, what’s the point of it in its current form?
App Store turned out to be not as safe as we wanted
Fake Ledger Live App in the App Store
Although Apple regularly removes apps from the App Store, this time disaster couldn’t be avoided. A fake Ledger Live app led to the loss of at least $9.5 million from more than 50 victims — Bitcoin, Ethereum, Solana, Tron, and XRP were stolen. The fraud lasted from April 7 to 13, 2026.
The scheme was simple but effective. Users who downloaded the fake app entered their secret recovery phrase, thereby giving attackers full access to their wallets. The real Ledger app never asks for this phrase — this is the main red flag that, unfortunately, not everyone noticed.
The Mac app was simply stealing money
The app was listed in the Mac App Store under the publisher Leva Heal Limited — an account with no connection to the real Ledger team. The scammers created a fake version history, releasing major updates every few days — from version 1.0 to 5.0 in two weeks.
One of the victims, a musician going by the name G. Love, wrote on social media that he lost 5.9 BTC — all his savings accumulated over ten years. The three largest victims lost seven-figure sums: $3.23 million, $2.08 million, and $1.95 million respectively.
Freecash App: Collecting User Data Under the Guise of Earning Money
The second scandal the same week involved the Freecash app. It promised users up to $35 per hour for watching TikTok content. Sounds too good to be true? That’s exactly what it turned out to be.
Back in January, Wired drew attention to Freecash’s deceptive marketing, and Malwarebytes discovered that the app was collecting data about users’ race, religion, health, and biometrics. Essentially, Freecash operated as a personal data broker, reselling information to third parties.
The app offered easy money while siphoning your personal data
The app was downloaded 5.5 million times through the App Store and Google Play in January 2026 alone, and it ranked second in the US App Store. In practice, earning money by simply scrolling through TikTok was impossible — instead, users were offered to play Monopoly Go and Disney Solitaire for tiny payouts.
The Freecash developers apparently circumvented a previous ban: the first version of the app from Almedia GmbH was removed from the App Store back in 2024, after which an existing app from another developer was renamed to Freecash. This method of returning through someone else’s developer account violates App Store rules, although it’s not uncommon.
App Store Moderation: How Many Fraudulent Apps Does Apple Remove
In a statement, Apple said the company has “zero tolerance” for fraudulent and malicious apps, citing App Store rules that prohibit deceiving users. The Freecash developer account was blocked for violating rules related to deceptive marketing and fraud attempts.
Why do we need the App Store if it doesn’t protect users?
As proof of moderation effectiveness, Apple cited data from a May 2025 study: over the previous year, the company removed or rejected more than 17,000 apps for function substitution, rejected over 320,000 submissions for spam and copying, and blocked more than 37,000 potentially fraudulent apps.
The numbers are impressive, but there’s a catch. According to Apple, the moderation team processes more than 200,000 submissions weekly with an average review time of 1.5 days. With such volume, manually reviewing every app is an almost impossible task. But that’s exactly what Apple promises users when promoting the App Store as a safe platform.
App Store Security: Why App Review Doesn’t Work
The main problem isn’t one or two apps slipping through, but a systemic contradiction. Apple has spent years building the narrative: the App Store is safe because every app undergoes rigorous review. According to Apple itself, every app and every update is reviewed for compliance with privacy, security, and user protection requirements.
App Store search often shows suspicious clones of popular apps
But the facts say otherwise. The App Store in 2026 is overflowing with junk apps, fraudulent clones, and fake reviews. Fourteen years ago, Phil Schiller complained about “insane” scam apps, and from the outside, it’s hard to say the situation has improved. Reports in recent years have uncovered everything: from expensive VPN shells to clones of popular games that exploit users.
The Ledger Live case is particularly telling: Ledger — a French manufacturer of hardware wallets — distributes its official desktop software exclusively through its own website. A legitimate iOS version exists, but it’s not intended for macOS, meaning the very appearance of a Mac version in the App Store was an obvious red flag.
How to Protect Yourself from Fraudulent Apps in the App Store
While Apple improves its moderation, users should keep a few rules in mind:
- Download financial apps only via links from official developer websites, not through App Store search.
- Check the publisher: the developer name in the App Store should match the real company’s name.
- If an app promises easy money for watching videos or installing games, it’s almost certainly a scam or data collection scheme.
- Pay attention to recent reviews and the app’s publication date — fake apps often have a short history and suspiciously rapid version numbering.
Ledger’s CTO Charles Guillemet reminded users: “Ledger will never ask for your 24 words. If someone or some app asks for them — something is wrong.”
